Re: jail sockstat shows gdnc, gdomap, casperd as enabled

From: David Chisnall <theraven_at_FreeBSD.org>
Date: Tue, 3 Jun 2014 09:12:02 +0100
On 3 Jun 2014, at 09:00, Beeblebrox <zaphod_at_berentweb.com> wrote:

> I know that they are related to GNUstep (although I have no idea what
> GNUstep actually does other than act as a messaging system probably like
> dbus). Anyway, I don't understand how & why they start up and that's
> exactly my question. The only insight I can provide, is that /usr/local is
> null_mounted on to jail/usr/local, but that should not really have this
> effect.

gdomap is the service that GNUstep uses for distributed objects.
gdnc is the service that GNUstep uses for distributed (broadcast) notifications.

They are both started on demand.  If they're running in your jail, then it most likely means that something inside your jail has started them.

Both gdomap and gdnc are intended to allow messaging between computers on the local network and so will bind to a public IP.  Given that neither of them has had any kind of serious security auditing (or even anyone trying to fuzz their parsers), I'd strongly recommend firewalling them off from the outside world.

David
Received on Tue Jun 03 2014 - 06:12:13 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:49 UTC